Rootkits, Spyware, and Bots


Part 2 – 5: Terms and Definitions for Rootkits, Spyware, and Bots

| Term | Definition |
| --- | --- |
| Rootkit | Changes to the OS kernel to gain root level permissions to the computer |
| Spyware | Malware that spies on you to get information |
| Adware | Pop-ups that show on your desktop, browsers, applications, and even toolbars |
| Bots | Infected computer being controlled by an attacker via a command and control center |
| Botnets | Multiple computers infected by the same attacker |

Rootkit malware, while more difficult to execute, provides root-level or “full control” over the entire computer, covering both user files and OS files. Rootkits also allow attackers to take data without being detected by the system or by antivirus software. Everything from keystroke logging to stealing passwords from the victim's computer is available through tools provided by the rootkit. A known way that attackers execute these malware attacks is through vulnerabilities in the OS and applications, including USB drives. Removing a rootkit can be very difficult. There are methods and tools available, such as ones from Kaspersky and other top antivirus applications, that can help, but reimaging the computer and restoring files as needed is usually the surest way.

Bots can also be considered a form of rootkit, as a bot refers to your computer's resources being used by the attacker for a larger purpose. When multiple computers are infected by the same attacker, they are considered a botnet. A common use of botnets is to DDoS a website or service, which causes major headaches and problems for business customers. Botnets are also used to steal hardware resources for mining Bitcoin or other digital currencies.

Seeing ads and other pop-ups on your computer can be alarming, but not clicking on the ads can prevent further malware and viruses from getting onto your computer. Adware consists of advertisements and pop-ups that appear either all over the OS screen or within applications and browsers. Adware can also cause system performance issues and increased network traffic on your systems. Adware can be embedded in many places on the OS, but some common places to find it are your “Add and Remove” settings and the extensions/add-ons in your browsers. More advanced adware is considered spyware. Spyware is malware that obtains information about you and what you are doing. This could be a special form of adware, a keystroke logger, or traffic monitoring tools used by an attacker.
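
The browser extension check described above can be scripted. The following is an added example, not part of the original post: it inventories a Chromium-style Extensions directory and marks add-ons that have access to every site. The function names, the permission heuristic, and the sample manifests are assumptions constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

# Assumption: this review heuristic is the example's own, not the page's.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
SENSITIVE = {"webRequest", "tabs", "history", "cookies"}

def audit_extensions(ext_root):
    """Inventory <ext_root>/<id>/<version>/manifest.json (Chromium layout)."""
    findings = []
    for manifest in sorted(Path(ext_root).glob("*/*/manifest.json")):
        ext_id = manifest.parent.parent.name
        try:
            # utf-8-sig tolerates a byte-order mark at the start of the file.
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
            if not isinstance(data, dict):
                raise ValueError("manifest is not a JSON object")
        except (OSError, ValueError):
            # A manifest that cannot be parsed still gets listed for review.
            findings.append({"id": ext_id, "name": None, "broad_hosts": [],
                             "sensitive": [], "review": True})
            continue
        # Manifest V2 puts host patterns in "permissions"; V3 in "host_permissions".
        perms = {p for p in data.get("permissions", []) if isinstance(p, str)}
        hosts = perms | set(data.get("host_permissions", []))
        for script in data.get("content_scripts", []):
            hosts |= set(script.get("matches", []))
        broad, sensitive = sorted(hosts & BROAD_HOSTS), sorted(perms & SENSITIVE)
        findings.append({"id": ext_id, "name": data.get("name"),
                         "broad_hosts": broad, "sensitive": sensitive,
                         "review": bool(broad)})
    return findings

def demo():
    samples = {  # constructed sample data: ids and names are made up
        "aaaa/1.0": {"name": "Notes", "permissions": ["storage"]},
        "bbbb/2.1": {"name": "Coupon Helper",
                     "permissions": ["tabs", "webRequest", "<all_urls>"]},
        "cccc/0.3": None,  # written below as invalid JSON
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            path = Path(root, rel)
            path.mkdir(parents=True)
            (path / "manifest.json").write_text(json.dumps(body) if body else "{not json")
        return audit_extensions(root)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A `review` flag only means the add-on has site-wide access and deserves a manual look; many legitimate extensions request the same access.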